Comments on: Recommendations for OU and group policy design http://itknowledgeexchange.techtarget.com/itanswers/recommendations-for-ou-and-group-policy-design/ Sat, 25 May 2013 16:32:12 +0000 hourly 1 By: humblenetadmin http://itknowledgeexchange.techtarget.com/itanswers/recommendations-for-ou-and-group-policy-design/#comment-49164 humblenetadmin Wed, 28 Jun 2006 09:28:03 +0000 #comment-49164 GregNottage

rayne427?s post is right on. That is how I manage the AD structure as well. In my last position as Net Admin. I broke down the AD OU Structure into departmental levels. The primary reason for doing this was for granularity in applying Group Policies for our employees. And the other was because we started providing terminal service access to run applications to our clients. I needed to be able to maintain control of each TS client?s access and desktop, and that control would need to be different at three different levels for each client, as well as different for each client. Following is a diagram of sorts of how I did it. Hope this helps and good luck

AD Domain (Default Domain GPO)
|
-Sales OU (Sale OU GPO)
|
-Customer Service OU (CustServ OU GPO
|
-IS OU (IS OU GPO)
|
-Terminal Service Users OU (TS OU GPO)
|
——Client A (Client A OU GPO)
|
———Branch (ClnABrn OU GPO)
|
———Administration (ClnAAdmin OU GPO)
|
———Corporate (ClnACorp OU GPO)
|
——Client B (Client B OU GPO)
|
———Branch (ClnBBrn OU GPO)
|
———Administration (ClnAAdmin OU GPO)
|
———Corporate (ClnACorp OU GPO)

]]>